On 11/2/07, Danny Swarzman <danny@stowlake.com> wrote:
> Fred,
>
> When you have an embedded system, the software has to be loaded somehow.
> Whatever means you use to load it is the thing that needs to be open.
Burned, maybe. Loaded, not required.
> When you run on COTS, anybody can reproduce everything you do to develop the
> software.
>
> How can the public verify the code on an embedded system?
Write it in a FORTH system like Open Firmware (OFW). Plenty of people
can verify every bit in a FORTH system of 8K or so. We don't need the
fancy versions like PolyFORTH.
Or compile it in a published version of a publicly available compiler
with specified libraries, and publish the checksums of the resulting
binaries. If a large enough and sufficiently diverse segment of the
public gets the same checksums, Bob's your uncle.
The general public doesn't have to trust a handful of "experts". But
they have to trust somebody, or a bunch of somebodies. Maybe after
every grade school student has a computer all the time we will get a
generation that isn't afraid of technology and can make sense of
simple code. I'm not holding my breath.
Myself, I'm willing to trust a Python implementation running on
command-line Linux. But I have kernel hackers and Python implementers
among my acquaintances, including Guido van Rossum, inventor of
Python. Also implementers of C, LISP, APL, FORTH, Smalltalk, and a
number of other languages.
> -Danny
>
>
> On Nov 2, 2007, at 7:26 PM, Fred McLain wrote:
>
>
>
> - Ability to load programs. If you depend on an external system to load the
> programs, then that external system would require the same level of
> scrutiny.
>
> Nope, that is nonsense. You do not want to have an ability to "load
> programs" in a critical system, especially from an "external system". Nor
> do you want to have any connection to an external system. Voting systems
> need to be isolated from the network. I've said before, "you can't open a
> door that doesn't exist".
We do have to be able to read data from a CD-ROM. But the entire
program can be in a single non-modifiable ROM chip with published
checksums.
-- Edward Cherlin Earth Treasury: End Poverty at a Profit http://wiki.laptop.org/go/Earth_Treasury Sustainable MBA student Presidio School of Management _______________________________________________ OVC-discuss mailing list OVC-discuss@listman.sonic.net http://lists.sonic.net/mailman/listinfo/ovc-discuss By sending email to the OVC-discuss list, you thereby agree to release the content of your posts to the Public Domain--with the exception of copyrighted material quoted according to fair use, including publicly archiving at http://gnosis.python-hosting.com/voting-project/ ================================================================== = The content of this message, with the exception of any external = quotations under fair use, are released to the Public Domain ==================================================================Received on Fri Nov 30 23:17:06 2007
This archive was generated by hypermail 2.1.8 : Fri Nov 30 2007 - 23:17:31 CST